docs: Add note to gatekeeper overview for gatekeeper-config.yaml exclusions

Make it clear in the docs that we are excluding the following namespaces and why:

• kube-system: This is reserved for the Kubernetes distribution, which would get installed prior to gatekeeper. We don't have control over security policy on the distro, so we allow it to bypass the policy enforcement.
• gatekeeper-system: We do not want to enforce policies on the enforcer itself because it could potentially prevent us from upgrading to fix bugs or vulnerabilities. However, we do try to make gatekeeper compliant with best security practices that are present in the policies.